CVE-2025-27721 HIGH

CVE-2025-27721: INFINITT Healthcare INFINITT PACS Exposure of Sensitive System Information to an Unauthorized Control Sphere

Vendor Infinitt Healthcare
Product INFINITT PACS System Manager
Weakness CWE-497
Published August 21, 2025
Last update August 22, 2025

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Unauthorized users can access INFINITT PACS System Manager without proper authorization, which could lead to unauthorized access to system resources.

Key dates

02Disclosure timeline

August 21, 2025 CVE published
August 22, 2025 Record updated